Cyber crime is an increasingly prominent threat to all aspects of society including businesses, government, banks, transportation, and individuals. The security of computer networks is dependent on the ability to recognize and defend against malicious cyber attacks. The goal of this thesis is to utilize operation research techniques to create tools that will significantly contribute to cyber security. A simulation framework and template is developed to efficiently represent computer networks and cyber security intrusion detection systems. The simulation is capable of generating complex cyber attacks based on the computer network configuration and the capabilities of the attacker. The simulation results in alert messages corresponding to attack actions and ordinary network behavior which are typically used by situational awareness tools or systems administrators to identify and take action against the attack. Through verification, validation, and an experimental performance evaluation, the simulation model is shown to be an effective tool to enable testing of situational awareness tools and for determining network vulnerabilities. In addition, this thesis extends the highly effective information fusion methods of situational awareness and threat assessment by introducing a method of adaptive process refinement for cyber security. The adaptive process refinement model utilizes integer programming optimization to improve the success of cyber attack detection, tracking, and identification. The process refinement model is designed to dynamically provide recommendations for optimal allocation of network detection resources subject to processing capacity, current attack activity, and network vulnerabilities. The cyber attack simulation methodology is utilized to create a set of attack scenarios on computer networks that are used conduct an experimental performance evaluation of the adaptive process refinement model to determine its capabilities and limitations. The simulation and process refinement methods provide operations research tools that will help to advance the field of cyber security.
Library of Congress Subject Headings
Computer crimes--Computer simulation; Computer crimes--Prevention; Cyberterrorism--Computer simulation; Cyberterrorism--Prevention; Computer networks--Security measures
Department, Program, or Center
Industrial and Systems Engineering (KGCOE)
Michael E. Kuhl
Kistner, Jason, "Cyber attack simulation and information fusion process refinement optimization models for cyber security" (2006). Thesis. Rochester Institute of Technology. Accessed from
RIT – Main Campus